vop_stdadvise(): restore correct handling of length == 0
Closed, Public

Authored by kib on Sep 3 2024, 4:27 AM.

Details

Summary
Switch to unsigned arithmetic to handle overflow not relying on -fwrap,
and specially treat the case of length == 0 from posix_fadvise() which
passes OFF_MAX as the end to VOP.  There, roundup() overflows and -fwrap
causes bend and endn to become negative.  Clamp them at OFF_MAX/bsize
instead.

Also remove locals with single use, and move calculations from under bo
lock.

Reported by:    tmunro

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

kib requested review of this revision. Sep 3 2024, 4:27 AM
markj added inline comments.
sys/kern/vfs_default.c
1122
This revision is now accepted and ready to land. Sep 3 2024, 12:53 PM
kib marked an inline comment as done. Sep 3 2024, 9:34 PM
sys/kern/vfs_default.c
1119

I don't think we need this "Restore length" hunk. The round_page() call always just adds one to OFF_MAX (0x7fffffffffffffff -> 0x8000000000000000), so the change to uintmax_t is enough to make the existing endn = bend / bsize produce a correct positive answer.
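
The arithmetic discussed in the summary and in the inline comment above, as an added C example (not code from the FreeBSD tree or from D46518). The page size of 4096, the block size of 32768 and the helper names are assumptions; `bend`, `endn`, `bsize` and `OFF_MAX` are the names used on this page. The signed helper models wrapping signed arithmetic (as with GCC/Clang `-fwrapv`) without invoking undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed values for illustration; not taken from the FreeBSD source. */
#define EX_PAGE_MASK	4095u		/* page size 4096 */
#define EX_OFF_MAX	INT64_MAX	/* off_t is a signed 64-bit type */
#define EX_BSIZE	32768		/* constructed block size */

/*
 * Signed page rounding with wrap-on-overflow semantics. The wrap is
 * modelled by computing in uint64_t and converting back, which yields
 * the same bit pattern without undefined behaviour in this example.
 */
static int64_t
round_page_signed_wrap(int64_t x)
{
	uint64_t u = ((uint64_t)x + EX_PAGE_MASK) & ~(uint64_t)EX_PAGE_MASK;

	return ((int64_t)u);
}

/* The same rounding carried out entirely in unsigned arithmetic. */
static uintmax_t
round_page_unsigned(uintmax_t x)
{
	return ((x + EX_PAGE_MASK) & ~(uintmax_t)EX_PAGE_MASK);
}

/* endn = bend / bsize with signed operands: negative for end == OFF_MAX. */
static int64_t
endn_signed(int64_t end, int64_t bsize)
{
	return (round_page_signed_wrap(end) / bsize);
}

/* endn = bend / bsize with unsigned operands: stays positive. */
static uintmax_t
endn_unsigned(int64_t end, uintmax_t bsize)
{
	return (round_page_unsigned((uintmax_t)end) / bsize);
}

int
main(void)
{
	printf("signed:   bend=%jd endn=%jd\n",
	    (intmax_t)round_page_signed_wrap(EX_OFF_MAX),
	    (intmax_t)endn_signed(EX_OFF_MAX, EX_BSIZE));
	printf("unsigned: bend=%#jx endn=%ju\n",
	    round_page_unsigned((uintmax_t)EX_OFF_MAX),
	    endn_unsigned(EX_OFF_MAX, EX_BSIZE));
	return (0);
}
```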

kib marked an inline comment as done.

clamp is not needed

This revision now requires review to proceed. Sep 4 2024, 7:35 AM
This revision is now accepted and ready to land. Sep 4 2024, 11:00 PM